endpoint detection and response (EDR)
GPTKB entity
Statements (50)
Predicate | Object |
---|---|
gptkbp:instanceOf |
cybersecurity technology
|
gptkbp:alsoKnownAs |
endpoint threat detection and response (ETDR)
|
gptkbp:analyzes |
endpoint data
|
gptkbp:coinedBy |
gptkb:Gartner
2013 |
gptkbp:component |
cybersecurity strategy
|
gptkbp:detects |
gptkb:advanced_persistent_threats_(APTs)
malware insider threats zero-day attacks fileless malware |
gptkbp:enables |
incident response
malware analysis threat hunting |
gptkbp:focusesOn |
endpoint devices
|
https://www.w3.org/2000/01/rdf-schema#label |
endpoint detection and response (EDR)
|
gptkbp:integratesWith |
gptkb:security_information_and_event_management_(SIEM)
security orchestration, automation, and response (SOAR) threat intelligence platforms |
gptkbp:marketedAs |
gptkb:CrowdStrike
gptkb:Sophos_Intercept_X gptkb:McAfee gptkb:Trend_Micro gptkb:SentinelOne gptkb:Microsoft_Defender_for_Endpoint gptkb:Cisco_Secure_Endpoint VMware Carbon Black |
gptkbp:monitors |
user behavior
network connections registry changes file activity process activity |
gptkbp:notableCollection |
endpoint data
|
gptkbp:primaryUse |
investigate security incidents
detect suspicious activities respond to threats |
gptkbp:provides |
forensic analysis
real-time monitoring automated response |
gptkbp:relatedTo |
gptkb:security
endpoint protection platforms (EPP) extended detection and response (XDR) |
gptkbp:requires |
cloud-based management console
endpoint agent |
gptkbp:supports |
compliance requirements
|
gptkbp:usedBy |
IT security teams
security operations centers (SOCs) |
gptkbp:bfsParent |
gptkb:Zero_Trust_Security
gptkb:Extended_Detection_and_Response_(XDR) |
gptkbp:bfsLayer |
7
|